If you’re running a WordPress site, now would be a good time to ensure you are using very strong passwords. According to reports from HostGator and CloudFlare, there is currently a significant attack being launched at WordPress blogs across the Internet. For the most part, this is a brute-force dictionary-based attack that aim to find the password for the ‘admin’ account that every WordPress site sets up by default.

Both CloudFlare and HostGator, as well as a number of other hosting providers, have taken measures to protect their customers. Besides choosing a very strong password – which is always a good idea – you can also install a number of WordPress plugins that limit the number of login attempts from the same IP address or network to put a stop to these brute-force attacks.

Sara (I think) also did mention the plugin BulletProof Security which uses an htaccess file for its security.